System and Method for Providing Secure Data for Display Using Augmented Reality

ABSTRACT

A system for authorizing secure data transmission is provided. The system comprises at least one wearable device comprising a head-mounted display configured to receive and display data to a user wearing the head-mounted display. At least one security mechanism associated with each of the at least one wearable device is configured to collect authorization data associated with the user when the user is wearing the head-mounted display. A central processor is in communication with the at least one wearable device via a network. The central processor is configured to receive the authorization data over the network, determine a level of authorization for the user based at least in part on the authorization data, and transmit to the user secure data commensurate with the level of authorization for the user.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority to U.S. Provisional Application Nos.61/787,780, 61/787,966, and 61/788,104, all filed Mar. 15, 2013, thecomplete disclosures of which are incorporated herein by reference intheir entirety.

BACKGROUND OF THE INVENTION

Collaborative projects frequently require individuals with differinglevels of authorization to access sensitive data. In some industries,unauthorized users must be prevented from accessing or viewing sensitivedata. This arrangement can be detrimental to collaboration. One way thatusers may access sensitive data is using a wearable device having ahead-mounted display that is configured to display the sensitive data inthe user's field of vision using Augmented Reality (AR). There is a needfor wearable devices to include one or more security features toauthenticate the wearer before displaying sensitive data.

SUMMARY OF THE INVENTION

An illustrative aspect of the invention provides a system forauthorizing secure data transmission. The system comprises at least onewearable device comprising a head-mounted display configured to receiveand display data to a user wearing the head-mounted display. The systemfurther comprises at least one security mechanism associated with eachof the at least one wearable device and configured to collectauthorization data associated with the user when the user is wearing thehead-mounted display. The system further comprises a central processorin communication with the at least one wearable device via a network,the central processor being configured to receive the authorizationdata, determine a level of authorization for the user based at least inpart on the authorization data, and transmit to the user secure datacommensurate with the level of authorization for the user.

Another illustrative aspect of the invention provides a method ofauthorizing the transmission of secure data to a wearable display deviceworn by a user and associated with at least one security mechanism. Themethod comprises receiving authorization data from one of the setconsisting of the wearable display device and the at least one securitymechanism. The method further comprises determining an authorizationlevel for the user based at least in part on the authorization data. Themethod further comprises transmitting secure data commensurate with thelevel of authorization for the user to the wearable device.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention can be more fully understood by reading the followingdetailed description together with the accompanying drawings, in whichlike reference indicators are used to designate like elements, and inwhich:

FIG. 1 is a schematic representation of a system according to anembodiment of the invention;

FIG. 2 is a schematic representation of a system according to anembodiment of the invention; and

FIG. 3 is a block diagram illustrating a method according to anembodiment of the invention.

DETAILED DESCRIPTION OF THE INVENTION

While the invention will be described in connection with particularembodiments, it will be understood that the invention is not limited tothese embodiments. On the contrary, it is contemplated that variousalternatives, modifications and equivalents are included within thespirit and scope of the invention as described.

The system described herein uses augmented reality (AR) to displayinformation to a user on a wearable display device. The system uses oneor more security features to authenticate the user and display sensitivedata while preventing unauthorized users from gaining access to thedata.

A wearable display device (herein after referred to as a head-mounteddisplay device (HMD)) is a display device that a person wears on thehead in order to have video information directly displayed in front oftheir eyes. U.S. Pat. No. 8,212,859 to Tang et al. (“Tang”), thecomplete disclosure of which is incorporated herein by reference,describes the construction and function of illustrative HMDs in moredetail. As described in Tang, an HMD may have one or two small CRT, LCD,or OLED displays with magnifying lenses and other associated opticalelements. The displays and optics are typically embedded in a helmet,glasses, goggles, contacts, or a visor which a user can wear. Asdisclosed in Tang, some HMDs can be used to view one or more see-throughimages imposed upon a real-world view. This is often referred to asaugmented reality.

FIG. 1 depicts an exemplary embodiment of a system 100 for displayingsensitive data to an authorized user of a wearable display device 101,or HMD. The system includes a wearable display device, or HMD 101, asecure data system 102 that includes one or more secure data processors103, at least one security feature 104, and a network 108 thatcommunicatively couples the wearable display device 101 and secure dataprocessor 103. It is noted that the system in FIG. 1 illustrates only asingle instance of each component. It will be appreciated that multipleinstances of these components may be used. Moreover, the system mayinclude other devices not depicted in FIG. 1.

HMD 101 may be, for example and without limitation, glasses, goggles, avisor, a helmet, or contact lenses. HMD 101 may include a display, aframe, a camera, one or more wireless connections to a data processor,one or more security features, a microphone, and a small speaker. HMD101 may include one or more processors embedded in the frame. The one ormore processors may be remote to the wearable device and may communicatewith the wearable device wirelessly.

HMD 101 may transmit and receive data to and from secure data system102, which may comprise one or more secure data processors 103. The oneor more secure data processors may be one or more network enabledcomputers or servers. As used herein, the term network enabled computerand/or device may include, but is not limited to: e.g., any computerdevice, or communications device including, e.g., a server, a networkappliance, a personal computer (PC), a workstation, a mobile device, aphone, a smartphone, a tablet computer, a laptop, a handheld PC, apersonal digital assistant (PDA), a thin client, a fat client, anInternet browser, or other device.

As shown in FIG. 1, HMD 101 may communicate wirelessly with secure datasystem 102 via network 108. Network 108 may be a wireless network, awired network or any combination of wireless network and wired network.Network 108 may be a wireless LAN, a Global System for MobileCommunication (“GSM”), a Personal Communication Service (“PCS”), aPersonal Area Network (“PAN”), D-AMPS, Wi-Fi, Fixed Wireless Data, IEEE802.11a, 802.11b, 802.15.1, 802.11n and 802.11g or any other wired orwireless network for transmitting and/or receiving a data signal.

In some instances, HMD 101 may be configured to use AR technology todisplay sensitive or proprietary information to the wearer. Thesensitive data may be wirelessly transmitted to HMD 101 from a remotelocation, such as the secure data system 102. HMD 101 may display thesensitive data to the user using AR technology. The disclosure hereindescribed systems and methods for authenticating a user (wearer) of thedisplay device so that only authorized users can view the sensitiveinformation on the display of HMD 101. The systems and methods may beimplemented in conjunction with one or more security features 104.Security feature 104 may be physically coupled to wearable device 101.Security feature 104 may be integrated with wearable device 101.Security feature 104 may be communicatively coupled to wearable device101, network 108, and/or secure data system 102 to prevent unauthorizedusers from gaining access to the sensitive information via the HMD.

FIG. 2 depicts an exemplary embodiment of an HMD that has been equippedwith one or more security features 104 to prevent an unauthorized userfrom viewing sensitive data using the HMD. Device 202 and device 204 maybe the same device, equipped with one or more security features.Unauthorized device 202 denotes the state when an unauthorized userwears device 202. Authorized device 204 denotes the state when anauthorized user wears device 204. As shown, the unauthorized userwearing device 202 would only be able to view data “12345” in his fieldof vision. By contrast, an authorized user wearing device 204 would beable to see “12345 546546516” displayed in his field of vision.

The combination of HMD 101, security feature 104, and the secure datasystem 102 (including secure data processor 103) may use one or moreforms of authentication to verify the user's authenticity. In oneembodiment, security feature 104 may comprise a microphone connected toHMD 101. The user may speak a password into the microphone. HMD 101 maytransmit the spoken password to the secure data system 102 (via network108), which may use voice recognition software to authenticate the user.Secure data system 102 may include a database of voice samples fromauthorized users. Secure data processor 103 may compare the receivedvoice sample from HMD 101 and compare it to the one or more stored voicesamples to determine if the user of HMD 101 is an authorized user. Ifthe user is appropriately authenticated, the secure data processor 103may transmit sensitive data to HMD 101 for display to the authorizeduser, as shown on device 204 in FIG. 2. The amount or nature of thesensitive data that is displayed to the user may vary depending on thelevel of access associated with the user.

Once a user of an HMD has been authenticated, the user may be able toview sensitive data on the display of the HMD for as long as the user iswearing the HMD. If an unauthorized user attempts to put an HMD that waspreviously being used by an authorized user, a signal from securityfeature 104 of the HMD may tell the secure data system 102 that the HMDis no longer being worn by the authorized user. This signal may be asecurity break signal that may cause the secure data system 102 to ceasetransmitting sensitive data to HMD 101 and effectively return the HMD toan unauthorized display state (as shown on device 202 in FIG. 2).

Various security features 104 may be incorporated into the HMD toauthorize a user or detect changes in the user identity. For example, inone exemplary embodiment, security feature 104 may comprise anaccelerometer that is configured to detect sudden changes in theposition of the HMD caused by a user “taking off” or “putting on” theHMD. In response to detected changes, HMD 101 and/or security feature104 may transmit one or more security break signals to the secure datasystem 102. The secure data system may require the HMD to be stationaryat all times. In this scenario, in response to any motion detected bythe accelerometer, a security break signal would be sent to the securedata system. In another exemplary embodiment, the secure data system 102may require the HMD to be moving at a constant velocity. Any change inthe HMD's velocity may be detected by the accelerometer, and a securitybreak signal would be sent to the secure data system, causing the securedata system to cease transmission of the sensitive data to the HMD.

In another exemplary embodiment, security feature 104 may comprise oneor more heat or temperature sensors. These heat sensors may bepositioned to detect body heat emanating from the user of the HMD whenthe HMD is being worn. Alternatively, security feature 104 may compriseone or more moisture sensors. The heat sensors/temperaturesensors/moisture sensors may be configured to send security breaksignals to the secure data system in response to a detected change intemperature or moisture level, which may correspond to the HMD beingtaken off or put on.

In another exemplary embodiment, security feature 104 may comprise oneor more scanning devices that are configured to frequently scan theuser's eye or eyes. Each authorized user may have a unique biometricsignature that may have been previously stored with the secure datasystem 102. The scanning device may periodically send a signal to thesecure data system that includes the most recent scan of the user's eyeor eyes. Secure data system 102 may compare the scanned information tothe stored biometric signatures to verify the identity or authenticityof the user. If the received scan is not authenticated, secure datasystem 102 may immediately cease transmitting sensitive data to the HMD.Security feature 104 may be configured to detect and/or monitor otherbiometric signatures, such as a heartbeat or a live DNA scan.

In another exemplary embodiment, security feature 104 may comprise oneor more scanners that are configured to detect digital signatures. Anauthorized user may have been equipped with one or more security tags,such as a quick reference (QR) code, RFID tag, proximity badge, or achip embedded on the user. The one or more security tags may be worn onthe user's clothing, jewelry, or physically embedded on their person.The security tags may broadcast digital signals (such as an RFIDsignal), or the security tags may be passive devices. Security feature104 may be configured to detect the signals from the security tags, orto scan the user for the security tag. The HMD may transmit the detectedsignal or signals to secure data system 102, which may compare them toknown identifiers associated with authorized users. If no match isfound, secure data system 102 may cease transmitting sensitive data tothe HMD. Additionally or alternatively, if the HMD does not detect adigital signal or security feature, the HMD may transmit a securitybreak signal to secure data system 102, and the secure data system maycease transmission of sensitive data to the HMD in response. Securityfeature 104 and/or HMD 101 may be configured to physically connect toone or more security tags that are worn by the user. The aforementionedsecurity features may be combined as necessary or desirable.

FIG. 3 is a flowchart illustrating the functionality of a method forproviding a secure data display on a wearable device. This exemplarymethod 300 may be provided by way of example, as there are a variety ofways to carry out the method. The method 300 shown in FIG. 3 can beexecuted or otherwise performed by one or a combination of varioussystems. The method 300 is described below may be carried out by thesystems and networks shown in FIGS. 1 and 2, by way of example, andvarious elements of the systems and networks are referenced inexplaining the example method of FIG. 3. Each block shown in FIG. 3represents one or more processes, methods or subroutines carried out inexemplary method 300. Referring to FIG. 3, exemplary method 300 maybegin at block 302.

At block 302, the secure data system receives a first signal from awearable device. The first signal may be from a security featureassociated with the wearable device. The first signal may be anauthorization signal. At block 304, the secure data system may analyzethe first signal to determine whether the user of the wearable device isan authorized user. The first signal may be a voice sample. The securedata system may compare the voice sample to one or more stored voicesamples from authorized users in order to determine whether the receivedvoice sample is associated with an authorized user. The first signal maybe a retinal scan. The secure data system may compare the retinal scanwith one or more stored retinal scans from authorized users. The firstsignal may be a spoken password. The secure data system may compare thespoken password with one or more stored passwords associated withauthorized users. The first signal may be a DNA scan. The secure datasystem may compare the DNA scan with one or more stored DNA samplesassociated with authorized users. If the secure data system determinesthat the user associated with the wearable device is authorized, method300 may proceed to block 306. If the secure data system determines thatthe user associated with the wearable device is not an authorized user,method 300 may proceed to block 308.

At block 306, secure data system may transmit secured data to thewearable device for display in the field of vision of the user of thewearable device. Secure data system may also transmit unsecured data.The amount and content of the secured data that is transmitted to thewearable device may depend on a level of security clearance associatedwith the authorized user. The wearable device may be equipped with ARtechnology, allowing the user to view the secured data in his field ofvision. At block 308, the secure data system may transmit unsecured datato the wearable device. In other embodiments, the secure data system maynot transmit any data to the wearable device if the user was notauthorized in step 304.

At block 310, the secure data system may receive a second signal fromthe wearable device. The second signal may be generated by the one ormore security features associated with the wearable device. The secondsignal may be similar to the signal received in step 302. The secondsignal may be generated by an accelerometer associated with the wearabledevice. The second signal may indicate that the wearable device has beensuddenly moved. The second signal may be generated by a temperaturesensor associated with the wearable device. The second signal mayindicate a sudden change in temperature. At block 312, secure datasystem may analyze the second signal to determine whether the authorizeduser is still wearing the wearable device. For example, if the secondsignal is generated by an accelerometer, the secure data system may havestored a maximum acceleration threshold and compare the second signal tothe stored threshold. If the second signal exceeds the threshold, thesecure data system may cease transmission of the secured data. If thesecure data system determines that the authorized user is no longerwearing the wearable device, method 300 may proceed to block 308, wheresecure data system may cease transmission of any data to the wearabledevice (or only transmit unsecured data). If the secure data systemdetermines that the authorized user is still wearing the wearabledevice, method 300 may proceed to block 314, where secure data systemmay continue transmitting secured data and unsecured data to thewearable device.

It will be readily understood by those persons skilled in the art thatthe present invention is susceptible to broad utility and application.Many embodiments and adaptations of the present invention other thanthose herein described, as well as many variations, modifications andequivalent arrangements, will be apparent from or reasonably suggestedby the present invention and foregoing description thereof, withoutdeparting from the substance or scope of the invention.

1. A system for authorizing secure data transmission, the systemcomprising: at least one wearable device comprising a head-mounteddisplay configured to receive and display data to a user wearing thehead-mounted display; at least one security mechanism associated witheach of the at least one wearable device and configured to collectauthorization data associated with the user when the user is wearing thehead-mounted display; and a central processor in communication with theat least one wearable device via a network, the central processor beingconfigured to receive the authorization data, determine a level ofauthorization for the user based at least in part on the authorizationdata, and transmit to the user secure data commensurate with the levelof authorization for the user.
 2. The system of claim 1, wherein thecentral processor is configured to determine the level of authorizationfor the user at least in part by comparing the authorization data todata stored in a database of authorized users.
 3. The system of claim 1,wherein the head mounted display is one of the set consisting of ahelmet, glasses, goggles, contacts, and a visor.
 4. The system of claim1, wherein the head-mounted display is configured for receiving anddisplaying augmented reality images to the user and wherein the securedata includes augmented reality images.
 5. The system of claim 1,wherein the at least one security mechanism comprises at least one ofthe set consisting of an accelerometer, a temperature sensor, a retinalscanner, a motion sensor, a DNA scanner, a microphone, a moisturesensor, a scanner, a barcode reader, and a camera.
 6. The system ofclaim 1, wherein the authorization data comprises at least one of theset consisting of a voice sample, a temperature reading, a retinal scan,a DNA scan, an image, a moisture level, a QR code, an RFID scan, ameasured velocity, and a measured acceleration.
 7. The system of claim1, wherein the central processor is further configured to determine ifthe user is not an authorized user and to transmit only non-secured datato the at least one wearable device if the central processor determinesthat the user is not an authorized user.
 8. The system of claim 1,wherein the at least one security mechanism is configured for directcommunication with the central processor.
 9. The system of claim 8,wherein the at least one security mechanism is configured to monitor asecurity parameter indicative of the user continuing to wear thehead-mounted display.
 10. The system of claim 9, wherein the at leastone security mechanism is configured so that the at least one securitymechanism notifies the central processor of sudden changes in themonitored security parameter.
 11. The system of claim 10 wherein thecentral processor is configured to stop transmission of secure data tothe wearable device associated with the user responsive to receiving anotification of sudden changes in the monitored security parameter fromthe at least one security mechanism.
 12. A method of authorizing thetransmission of secure data to a wearable display device worn by a userand associated with at least one security mechanism, the methodcomprising: receiving authorization data from one of the set consistingof the wearable display device and the at least one security mechanism;determining an authorization level for the user based at least in parton the authorization data; and transmitting secure data commensuratewith the level of authorization for the user to the wearable device. 13.The method of claim 12, wherein the action of determining anauthorization level for the user comprises comparing the authorizationdata to data stored in a database of authorized users.
 14. The method ofclaim 13, wherein the action of determining an authorization level forthe user further comprises: determining a security clearance levelassociated with the user based at least in part on the authorizationdata; and altering the secure data based on the security clearancelevel.
 15. The method of claim 12, wherein the secure data includesaugmented reality images configured for display to the user by thewearable display device.
 16. The method of claim 12, wherein theauthorization data comprises at least one of a voice sample, atemperature reading, a retinal scan, a DNA scan, an image, a moisturelevel, a QR code, an RFID scan, a measured velocity, and a measuredacceleration.
 17. The method of claim 10, further comprising:determining if the user is not an authorized user; and responsive to adetermination that the user is not an authorized user, transmitting onlynon-secured data to the wearable display device.
 18. The method of claim10, wherein the at least one security mechanism is configured to monitora security parameter indicative of the user continuing to wear thehead-mounted display, the method further comprising: receiving from oneof the set consisting of the wearable display device and the at leastone security mechanism a notification of a sudden change in themonitored security parameter; and responsive to receiving a notificationof a sudden change in the monitored security parameter, stoppingtransmission of secure data to the wearable display device.